caat.org.uk

.uk crawl

First seen 2026-04-23 · Last seen 2026-05-16 · ok HTTP/1.1 200 2141 ms crawled 2026-05-16

US · 104.26.11.171 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: CAAT - Homepage
Description: Campaign Against Arms Trade
Generator: WordPress 6.9.1
Canonical: https://caat.org.uk/

Open Graph

url: https://caat.org.uk/
title: CAAT - Homepage
description: Campaign Against Arms Trade

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Third-party hosts loaded (9)

ajax.googleapis.com×2
cdn.jsdelivr.net×2
cdnjs.cloudflare.com×2
unpkg.com×2
www.google.com×2
cc.cdn.civiccomputing.com×1
cse.google.com×1
use.typekit.net×1
www.googletagmanager.com×1

Social

Contact

Phone

02072810297

Registration

Registrar

Easyspace Ltd

Created

2000-04-13

Expires

2027-04-13 328 days left

Updated

2026-04-10

Name servers

alfred.ns.cloudflare.com.
serenity.ns.cloudflare.com.

DNS records live

NS

alfred.ns.cloudflare.com
serenity.ns.cloudflare.com

MX

300 caat-org-uk.mail.protection.outlook.com

TXT

google-site-verification=ZV8cGACmivNuOs5LGMmw5pK0XJYQy8YhBpsFGgxpPVc
MS=ms18041255
google-site-verification=VkTefsAeW3NTukxoyBCxdZ_v6H2ntBmMCHOuZMZ9tZ4

Email authentication partial

SPF

v=spf1 a a:office.caat.org.uk include:spf.protection.outlook.com a:mail.rapidata.aws.netcelhosting.co.uk ip4:78.141.226.95 ip4:157.90.125.221 -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:security@caat.org.uk; adkim=r; aspf=r; sp=none

policy: none (monitoring only) · sp=none

DKIM

selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBb9hoybHdRpdu8rWBWexiGvg4zr2T6+j+zMX+n6Cm2QKsW1qvhhcGewaTKJi4CloeqKLHNR8tUDP65Da95G…
mail: v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxYutEwyisjg2TmgqF/Gdas1hElF42SfdUWd1azXfv62u5dD4UmyzSfyyXyAqoVoJEHH…

selectors probed

Certificate (current)

WE1

from 2026-03-26 to 2026-06-24

Expires in 35 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://caat.org.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: default-src 'self'; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://www.google-analytics.com https://region1.google-analytics.com https://data.caat.org.uk https://s.ytimg.com https://www.youtube.com https://cc.cdn.civiccomputing.com https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://cse.google.com https://ep2.adtrafficquality.google https://ajax.googleapis.com https://cdn.jsdelivr.net; worker-src blob:; style-src 'self' 'unsafe-inline' https://data.caat.org.uk https://p.typekit.net https://www.google.com https://fonts.googleapis.com https://www.googletagmanager.com https://unpkg.com https://cdnjs.cloudflare.com https://use.typekit.net; object-src 'none'; frame-src https://cse.google.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com https://www.googletagmanager.com https://ep2.adtrafficquality.google https://caat.eaction.org.uk; img-src https: data: blob:; font-src 'self' data: https://
strict-transport-security: max-age=31536000; includeSubDomains

Links to (7)

Linked from (1)

5callyroad.org×2